i 



2. (Twice amended) The system 
SSL to create a secure 



3. (Once Amended) The system oi 
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cjf claim 6, wherein the communications engine uses 
communications link with the client. 



claim 6, wherein the communications engine 



negotiates an encryption protocol fior transferring messages to and from the client. 



4. (Once Amended) The system of 
public key certificates for transferring 



5. (Thrice amended) The system of 



:laim 6, wherein the communications engine uses 
messages to and from the client. 



;laim 6, wherein the security services use public key 




certificates to authenticate a user of the client to determine the client privileges. 

6. (Thrice amended) A system on a server computer system, comprising: 

a communications engine foi establishing a communications link with a client; 
security services coupled to the communications engine for determining client 
privileges, the security services further capable to examine the identity of a user of the 

to determine the client privileges; 
a web server for enabling thd client to select a service from a set of available 
services, the set of available services based on the client privileges; 

a host engine coupled to the security services and to the web server for providing 
to the client service communication code that enables communication with a selected 
service; and 

a keysafe for storing keys, etch key for enabling communication between the 

the set of available services, thereby enabling the 
client to access the available services without storing the service communication code 
and keys at the client. 



7. (Thrice amended) The system of claim 
public key certificate to authenticate) the 



6, wherein the security services examine a 
client to determine the client privileges. 



v 
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8. (Thrice amended) The system of claim 6, wherein the security services use a digital 
signature to authenticate the < lient to determine the client privileges. 

9. (Thrice amended) The sysAem of claim 6, wherein the host engine forwards to the 
client security code for enabling the client to perform a security protocol recognized by 
the security services. 



10. (Thrice amended) The system of claim 6, wherein one of the available services is 
secured by a firewall and one of \he keys is configured to enable communication through 
the firewall. 



1 1 . (Twice amended) The system 
the system. 

12. (Thrice amended) The system 
address identifying the location o 

13. (Thrice amended) The system 
the client a direct connection with 



14. (Thrice amended) The system 
communicating with the selected 



of claim 6, further comprising a firewall for protecting 



of claim 6, wherein one of the keys includes an 
the selected service. 

of claim 6, wherein the code uses a key to provide to 
the selected service. 



of claim 6, further comprising a proxy for 
s ervice, and wherein the code enables the client to 
communicate with the proxy and one of the keys enables the proxy to locate the selected 
service. 

jpele te claim l^J 



16. (Twice amended) The methoc 
link includes the step of using SSL 



of claim 20, wherein establishing a communications 
to create a secure communications link with the client. 
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17. (Once Amended) The method of claim 20, wherein establishing a communications 
link includes the step of negoi iating an encryption protocol for transferring messages to 
and from the client. 

18. (Once Amended) The method of claim 20, wherein establishing a communications 



link includes the step of using 
from the client. 



public key certificates for transferring messages to and 




19. (Twice amended) The method of claim 20, wherein determining client privileges 
includes the step of using public key certificates to authenticate a user of the client. 



20. (Twice amended) A co: 
establishing a co: 
determining client $ri 

identity of a user of the cli 
enabling the clienuto 

available services based on 

providing to the alien : 

with a selected service; find 
retrieving a key 

from the set of available sen 

the client and the selected 

services without storing the 



mter-based method comprising: 
n lications link with a client; 
'ileges, the determining including the step of examining the 

i the level of authentication; 
elect a service from a set of available services, the set of 
client privileges; 
service communication code that enables communication 



21. (Twice amended) The ni thod 
includes the step of examining 



set of keys, each key corresponding to a respective service 
ices, the retrieved key for enabling communication between 
service, thereby enabling the client to access the available 
service communication code and keys at the client. 



of claim 20, wherein determining client privileges 
a public key certificate to authenticate the client. 



22. (Twice amended) The method of claim 20, wherein determining client privileges 
includes the step of using a digital signature to authenticate the client. 
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23. (Twice amended) The method of claim 20, wherein establishing a communications 
link includes forwarding to) the client security code for enabling the client to perform a 
recognized security protoc 



24. (Thrice amended) The method of claim 20, further comprising the step of using one 
of the keys to communicate ihrough a firewall to the selected service. 



25. (Twice amended) The method of claim 20, wherein the method is performed by a 
server and further comprising lusing a firewall to protect the server. 



26. (Thrice amended) The melthod 
address identifying the locatioh 



of claim 20, wherein one of the keys includes an 
of the selected service. 



27. (Twice amended) The mefthod 
providing to the client a direc 



of claim 20, wherein providing includes the step of 
connection with the service. 



28. (Thrice amended) The m sthod of claim 20, further comprising using a proxy to 
communicate with the servicp, and wherein providing includes enabling the client to 
communicate with the proxy 




29. (Four times amended) A 
means for establishir 



identity of a user of the client 



means for enabling the client to select a service from a set of available services, 



the set of available services 
means for pro\ iding 



system on a server computer system, comprising: 
g a communications link with a client; 



means for determining client privileges including means for examining the 



and the level of authentication; 



5ased on the client privileges; 

to the client service communication code that enables 



communication with i , selected service; and 



means for retr ieving 



i key from a set of keys, each key corresponding to a 



respective service from the set of available services, the retrieved key for enabling 
communication between the <f lient and the selected service, thereby enabling the client to 
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services without storing the service communication code and keys at 



30. (Four times amended) A computer-based storage medium storing a program for 
causing a computer to jerform the steps of: 

establishing a cammunications link with a client; 

determining client privileges including examining the identity of a user of the 
client and the level of z uthentication; 

enabling the cli ;nt to select a service from a set of available services, the set of 
available services basec on the client privileges; 

client service communication code that enables communication 
ind 

rom a set of keys, each key corresponding to a respective service 
services, the retrieved key for enabling communication between 
the client and the selected service, thereby enabling the client to access the available 

the service communication code and keys at the client. 



providing to the 
with a selected service; 

retrieving a key 
from the set of available 




services without storing 
(Delete Claim 



32. (Once Amended) A method, comprising: 

receiving, from a client, as an advance communication, security information 
corresponding to one or more secured network services; 

storing the security information at a location remote from the client; 

receiving a client request from the client to access a secured network service; and 

using the stated security information to enable the client access to the secured 
network service withbut requiring the client to supply the stored security information. 



33. (Once Amended) A methbd according to claim 32, wherein the security information 
includes one or more keys corresponding to respective ones of the secured network 
services. 
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34. (Once Amended) A method according to claim 32, wherein at least one of the keys 
includes a certificate for accessing at least one of the secured network services. 



35. (Once Amended) A method according to claim 32, further comprising determining 
client privileges of the client, and wherein the using the stored security information is 
provided if the privileges correspond to privilege requirements of the secured network 



service. 




36. (Once Amended) A method 
client privileges of the client and 
ecured network services corres 



according to claim 32, further comprising determining 
enabling the client to select a service from ones of the 
pbnding to the determined client privileges. 



37. (Once Amended) A system, comprising 

means for receiving, from 
information corresponding to one o 
means for storing the security 
means for receiving a client 
service; and 

means for using the stored 
secured network service without 
information. 



client, as an advance communication, security 
more secured network services; 
information at a location remote from the client; 
request from the client to access a secured network 

security information to enable the client access to the 
requiring the client to supply the stored security 



38. (Once Amended) A computer-readable storage medium storing program code for 
causing a computer to perform the /steps of: 

receiving, from a client, as/an advance communication, security information 
corresponding to one or more secured network services; 

storing the security information at a location remote from the client; 



receiving a client request 



from the client to access a secured network service; and 



network service without requirin 



using the stored security information to enable the client access to the secured 



the client to supply the stored security information. 



PaloAlto/33 139.1 



7 of 16 



